Thursday, February 05, 2009

More Heartland Details Leak Out (And Some May Be Trying To Leak Back In)

Details surrounding the Heartland data breach continue to dribble out, with one respected payment systems newsletter reporting that the forensic investigators Heartland brought in were Cybertrust and Neohapsis.

Heartland had tried to keep those names confidential, an effort that was succeeding prior to the Wednesday, Feb. 4 issue of The Nilson Report. That newsletter also quoted from a MasterCard alert, which provided new details about what was taken and when.

“According to a MasterCard alert, this sniffer program stole card numbers and expiration dates from credit and debit cards processed by Heartland from May 14, 2008, through Aug. 19, 2008, as the information entered Heartland’s payment switch,” the Nilson story said. “Only an estimated 5 percent of the stolen card numbers also included names. The malware was likely deactivated when Heartland conducted regular system upgrades as part of its PCI Data Security Standards (PCI DSS) compliance program, although it’s possible that the hackers shut it down to try and avoid being traced.”

In other Heartland news, it seems that officials there may be preparing to backtrack on some of the details they previously disclosed. Since Friday (Jan. 30), Heartland has been promising a written statement to clarify—and apparently back off from—some of the details they revealed in interviews. As of Wednesday (Feb. 4) night, no such statement had materialized, nor were Heartland officials willing to discuss what would be in the statement.